Thanks for that info, @AtariDump@lemmy.world

I highly recommend OPNsense over pfSense for the UI improvements alone, but there are other reasons to use/support OPNsense over pfSense.

Can you list or summarize some of the other reasons?

Before Linux command line?

I host tt-rss in docker and use Tiny Tiny RSS in GrapheneOS.

When I install qbittorrent via docker, I see this in the docker logs:

qbittorrent-1         | 2024-11-04T15:25:25.201955254Z The WebUI administrator username is: admin
qbittorrent-1         | 2024-11-04T15:25:25.201974066Z The WebUI administrator password was not set. A temporary password is provided for this session: H7ct3xPes

That’s the default admin credentials for the instance. I can then change the login or pw in the UI.

Thanks for sharing about Backrest. I use Restic and Backrest looks like a great addition to it.

I should add the d.rymcg.tech includes step-ca if you want to host your own CA server, but I agree with @joe@discuss.tchnic.de : it’s not necessary for securely hosting services, and ir can be dangerous I’d not done carefully.

I have a similar setup. I use d.rymcg.tech (a configuration manager for Docker, as well as a collection of open source web services and config templates) and have Traefik (reverse proxy) on a Digital Ocean dropet connected to a VM in my home lab through wireguard. This framework allows me to put authentication and authoriation in front of any apps/services I’m hosting (HTTP basic auth, oauth2, mTLS). This setup allows me to control what is allowed access from outside of my home, without opening any ports.

Glances?

I self-host xBrowserSync. It’s a bookmark sync tool, not a link manager, but it does that very well (set-and-forget - it’s almost invisible). There are browser extensions and mobile apps

I’ve also used Shaarli, which is more of a link sharing tool. Don’t remember much about it, though - sorry.

I think most of the other suggestions seem like a better solution than WordPress, but there is a plugin for WordPress that exports static websites.

Applause for the term “pluriverse” (did you coin it?).

And a standing ovation for the alliterative phrase “pluriverse of protocols”.

I run MiniO in Docker. Love it. I’ve never used Garage or Seaweed.

[SOLVED!] That Stack Exchange post was the solution! I had to ask ChatGPT for assistance (e.g., “how do I view the contents of a .crt and a .p12?”, “how do I add a CA to a client cert?”), but it worked. Thanks for your help, @Evkob@lemmy.ca.

I don’t think I would have ever thought that my client cert didn’t contain the CA, especially because when I clicked on the client cert that was installed in GrapheneOS, it showed me a summary that said it did contain a CA! grrrr

(tagging @one_knight_scripting@lemmy.world as he wanted to know the solution)

Wow! That sounds exactly like my issue. I’ll try the workaround tomorrow. Thanks, @evkob@lemmy.ca.

Thanks for your research and the suggestion, @Evkob@lemmy.ca.

I wasn’t able to make that work, but I don’t think it was trying to solve the problem I’m having, anyway. That procedure was to add self signed SSL certificate to Android, but my certificate is neither self-signed nor an SSL cert. At least I think not - I find certs very confusing. The cert I’m trying to work with is an mTLS cert, a client cert. It’s not used to establish a secure SSL connections, it’s used to verify that I (the person with the cert) and authorized to use the app.

Additionally, I’m able to successfully install the cert into Android, but the problem is that it seems to be ignored. The mTLS cert is installed in GrapheneOS’s “VPN & App User Certificate” section, and my CA cert is installed in the “CA Certificate” section. Vanadium, Fennec, and Mull browsers just aren’t using them. :(

Thanks for the reply, @Evkob@lemmy.ca.

I tried to install my client cert in “CA Certificate” but the certificate manager app in GrapheneOS said that it was the wrong kind of cert to be used in “CA Certificate”. It is, after all, a client cert, not a CA cert.

:(

FYI, there’s also https://github.com/walkxcode/dashboard-icons ?

Its not an “icon font”, but it’s a good source of icons.

I’m trying to deGoogle/deFAANG/deBigData so I try to host FOSS alternatives to every service I use on the internet, though some services won’t be possible or practical (e.g., email).

I host:

• audiobookshelf (to stream and sync podcasts between my devices)
• baikal (to host contacts and calendars)
• cryptpad (for collaborative spreadsheets and kanban, though it does more than this)
• drawio (flowchart-like diagrams
• forgejo (my git repos and oauth2)
• homepage (personal dashboard of services and links)
• invidious (youtube frontend)
• lemmy (duh :) )
• minio (S3 object storage)
• mosquitto (mqtt server)
• nextcloud (can do a lot, but I’m only using it to look at Memories for photo storage and management - I currently selfhost Photostructure, but it’s not FOSS)
• peertube (youtube alternative)
• prometheus (metrics monitoring)
• qbittorrent (torrents)
• syncthing (currently only used to sync photos from my pixel to my server, but might be replaced if I switch to a photo management app that has an android app that can sync images)
• tiddlywiki-nodejs (pretty powerful wiki, but I use it just to sync text-based info between devices)
• traefik (reverse proxy in front of everything I host)
• tt-rss (RSS feeds)
• vaultwarden (password management - this is a fork of bitwarden)
• wordpress (for my personal websites)
• xbrowsersync (bookmark syncing between browsers/devices)

I use the d.rymcg.tech framework. It’s a little over my head, but the framework makes it pretty easy to use all the apps. It’s a bit tricky to add new apps to the framework, but it’s fun and all the source is there to learn from and the developer is really nice and really helpful.

Matrix is good, secure, very versatile, Foss, and easy to use, but I think not easy to set up or manage.